Skip to content

🛠️ [TASK] : rust/c509-certificate updates to the latest RFC Draft (11) #19

New issue
New issue
Closed
#22
Closed
🛠️ [TASK] : rust/c509-certificate updates to the latest RFC Draft (11)#19
#22
Assignees
bkioshn
Labels
documentationPull requests that update a documentationenhancementNew feature or request
@bkioshn

Description

@bkioshn
bkioshn
opened on Sep 10, 2024

Summary

c509 certificate updates to the latest RFC Draft (11)

Description

Update the C509 certificate to the latest RFC Draft 11

The current implementation is based on Draft 9.
Update the code to fit the Draft 11. https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/11/

Changes made from version 9 vs 11:

  • OID PEN is removed
  • Fix type time, should be unsigned integer
  • Msg field version - the type can be a natively signed C509 certificate following X.509 v3 (c509CertificateType = 2) or a CBOR re-encoded X.509 v3 DER certificate (c509CertificateType = 3)
  • issuer -> if issuer same as subject, issuer is set to null
  • subject shouldn’t be null
  • Relative distinguished name is removed
  • Update documents
  • New TBSCertificate
 TBSCertificate = (
       c509CertificateType: int,
       certificateSerialNumber: CertificateSerialNumber,
        issuerSignatureAlgorithm: AlgorithmIdentifier,
       issuer: Name / null,
       validityNotBefore: ~time,
       validityNotAfter: ~time / null,
       subject: Name,
       subjectPublicKeyAlgorithm: AlgorithmIdentifier,
       subjectPublicKey: any,
       extensions: Extensions,
    )

Metadata

Metadata

Assignees

Labels

documentationPull requests that update a documentationenhancementNew feature or request

Type

No type

Projects

Catalyst

Status

🔬 Ready For QA

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions